Bug 184144

Summary: cannot disable exec-shield-randomize
Product: Red Hat Enterprise Linux 3 Reporter: Ken Barr <kbarr216>
Component: kernelAssignee: Ingo Molnar <mingo>
Status: CLOSED WONTFIX QA Contact: Brian Brock <bbrock>
Severity: medium Docs Contact:
Priority: medium    
Version: 3.0CC: petrides
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-10-19 18:46:57 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ken Barr 2006-03-06 20:20:32 UTC 
Description of problem:
kernel ignores setting of
/proc/sys/kernel/exec-shield-randomize

There is no apparent way to run without address space randomization leaving us
with non-deterministic results in some programs.

Version-Release number of selected component (if applicable):
2.4.21-32.ELsmp 

I read the release notes for the -37 release and it made no mention of a fix for
this.

How reproducible:

always

Steps to Reproduce:

1.  Write a little test:

#include <stdio.h>

int main(){
  int x;
  printf("addr of x is %x\n", &x);
  return 0;
}



2.  become root and do:
# echo 0 > /proc/sys/kernel/exec-shield
# echo 0 > /proc/sys/kernel/exec-shield-randomize

3.  run test program several times
  
Actual results:
# ./a.out
addr of x is bfff9f74
# ./a.out
addr of x is bfffaa24
# ./a.out
addr of x is bfffde74

Expected results:
# ./a.out
addr of x is bfff9f74
# ./a.out
addr of x is bfff9f74
# ./a.out
addr of x is bfff9f74

(or some other non-changing address)


Additional info:
FYI: The exec-shield-randomize appears to have been replaced by
randomize_va_space in Fedora Core 4.  There, when I do echo 0 >
/proc/sys/kernel/randomize_va_space I get expected results.
Comment 1 Ernie Petrides 2006-03-06 22:34:51 UTC 
Which arch are you reporting this against (x86 or x86_64)?
Comment 2 Ken Barr 2006-03-06 23:34:49 UTC 
x86 aka ia32
Comment 3 RHEL Program Management 2007-10-19 18:46:57 UTC 
This bug is filed against RHEL 3, which is in maintenance phase.
During the maintenance phase, only security errata and select mission
critical bug fixes will be released for enterprise products. Since
this bug does not meet that criteria, it is now being closed.
 
For more information of the RHEL errata support policy, please visit:
http://www.redhat.com/security/updates/errata/
 
If you feel this bug is indeed mission critical, please contact your
support representative. You may be asked to provide detailed
information on how this bug is affecting you.